[OE-core][kirkstone 00/16] Patch review

Steve Sakoman Mon, 20 Jan 2025 09:51:15 -0800

Please review this set of changes for kirkstone and have comments back by
end of day Wednesday, January 22


Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/842

The following changes since commit 8c32d91b64ae296d7832ddeb42983f4f3c237946:

  ofono: fix CVE-2024-7547 (2025-01-14 05:49:41 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.23

Alexander Kanavin (1):
  rsync: update 3.2.5 -> 3.2.7

Archana Polampalli (6):
  rsync: fix CVE-2024-12084
  rsync: fix CVE-2024-12085
  rsync: fix CVE-2024-12086
  rsync: fix CVE-2024-12087
  rsync: fix CVE-2024-12088
  rsync: fix CVE-2024-12747

Divya Chellam (1):
  wget: fix CVE-2024-10524

Khem Raj (1):
  rsync: Delete pedantic errors re-ordering patch

Peter Marko (2):
  socat: patch CVE-2024-54661
  ofono: patch CVE-2024-7540, CVE-2024-7541, CVE-2024-7542

Ross Burton (2):
  classes/nativesdk: also override TUNE_PKGARCH
  classes/qemu: use tune to select QEMU_EXTRAOPTIONS, not package
    architecture

Zhang Peng (2):
  avahi: fix CVE-2024-52616
  vte: fix CVE-2024-37535

 meta/classes/nativesdk.bbclass                |   1 +
 meta/classes/qemu.bbclass                     |   8 +-
 meta/recipes-connectivity/avahi/avahi_0.8.bb  |   1 +
 .../avahi/files/CVE-2024-52616.patch          | 104 +++++++++
 ...024-7540_CVE-2024-7541_CVE-2024-7542.patch |  52 +++++
 meta/recipes-connectivity/ofono/ofono_1.34.bb |   1 +
 .../socat/socat/CVE-2024-54661.patch          | 113 ++++++++++
 .../socat/socat_1.7.4.4.bb                    |   4 +-
 meta/recipes-devtools/gcc/gcc-testsuite.inc   |   6 +-
 ...-prototypes-to-function-declarations.patch |  28 ++-
 ...antic-errors-at-the-end-of-configure.patch |  68 ------
 .../rsync/files/CVE-2024-12084-0001.patch     | 156 ++++++++++++++
 .../rsync/files/CVE-2024-12084-0002.patch     |  43 ++++
 .../rsync/files/CVE-2024-12085.patch          |  32 +++
 .../rsync/files/CVE-2024-12086-0001.patch     |  42 ++++
 .../rsync/files/CVE-2024-12086-0002.patch     | 108 ++++++++++
 .../rsync/files/CVE-2024-12086-0003.patch     | 108 ++++++++++
 .../rsync/files/CVE-2024-12086-0004.patch     |  41 ++++
 .../rsync/files/CVE-2024-12087-0001.patch     |  49 +++++
 .../rsync/files/CVE-2024-12087-0002.patch     |  31 +++
 .../rsync/files/CVE-2024-12087-0003.patch     |  40 ++++
 .../rsync/files/CVE-2024-12088.patch          | 141 +++++++++++++
 .../rsync/files/CVE-2024-12747.patch          | 192 +++++++++++++++++
 .../rsync/{rsync_3.2.5.bb => rsync_3.2.7.bb}  |  15 +-
 .../wget/wget/CVE-2024-10524.patch            | 197 ++++++++++++++++++
 meta/recipes-extended/wget/wget_1.21.4.bb     |   1 +
 .../vte/vte/CVE-2024-37535-0001.patch         |  63 ++++++
 .../vte/vte/CVE-2024-37535-0002.patch         |  85 ++++++++
 meta/recipes-support/vte/vte_0.66.2.bb        |   9 +-
 scripts/install-buildtools                    |   4 +-
 30 files changed, 1645 insertions(+), 98 deletions(-)
 create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
 create mode 100644 
meta/recipes-connectivity/ofono/ofono/CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch
 create mode 100644 meta/recipes-connectivity/socat/socat/CVE-2024-54661.patch
 delete mode 100644 
meta/recipes-devtools/rsync/files/0001-Turn-on-pedantic-errors-at-the-end-of-configure.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12084-0001.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12084-0002.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12085.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12086-0001.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12086-0002.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12086-0003.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12086-0004.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12087-0001.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12087-0003.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12088.patch
 create mode 100644 meta/recipes-devtools/rsync/files/CVE-2024-12747.patch
 rename meta/recipes-devtools/rsync/{rsync_3.2.5.bb => rsync_3.2.7.bb} (81%)
 create mode 100644 meta/recipes-extended/wget/wget/CVE-2024-10524.patch
 create mode 100644 meta/recipes-support/vte/vte/CVE-2024-37535-0001.patch
 create mode 100644 meta/recipes-support/vte/vte/CVE-2024-37535-0002.patch

-- 
2.43.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#210044): 
https://lists.openembedded.org/g/openembedded-core/message/210044
Mute This Topic: https://lists.openembedded.org/mt/110718881/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 00/16] Patch review

Reply via email to